SRTP, Secure Real-time Transport Protocol

Description Glossary RFCs Publications Obsolete RFCs


Protocol suite: TCP/IP.
Protocol type:Application layer protocol.
Base protocol: RTP, Real-Time Protocol.
RTP profile:RTP/SAVP.
Port:5004 (UDP).
Working groups:
Working groups: avt, Audio/Video Transport.
Links: IANA: RTP parameters.

MAC header IP header UDP header RTP header SRTP message

SRTP header:

0001020304050607 0809101112131415 1617181920212223 2425262728293031
RTP extension :::
Payload ::: Pad Pad count
Authentication tag

RTP extension.



Pad count.

MKI, Master Key Identifier. Variable length.
This field is defined, signaled and used by key management. MKI identifies the master key from which the session key(s) were derived that authenticate and/or encrypt the particular packet. Note that the MKI SHALL NOT identify the SRTP cryptographic context. The MKI MAY be used by key management for the purposes of re-keying, identifying a particular master key within the cryptographic context

Authentication tag. Variable length.
This field is used to carry message authentication data. The Authenticated Portion of an SRTP packet consists of the RTP header followed by the encrypted portion of the SRTP packet. Thus, if both encryption and authentication are applied, encryption SHALL be applied before authentication on the sender side and conversely on the receiver side. The authentication tag provides authentication of the RTP header and payload, and it indirectly provides replay protection by authenticating the sequence number. Note that the MKI is not integrity protected as this does not provide any extra protection.



[RFC 3711] The Secure Real-time Transport Protocol (SRTP).

[RFC 4383] The Use of Timed Efficient Stream Loss-Tolerant Authentication (TESLA) in the Secure Real-time Transport Protocol (SRTP).

[RFC 5669] The SEED Cipher Algorithm and Its Use with the Secure Real-Time Transport Protocol (SRTP).


Obsolete RFCs:

Description Glossary RFCs Publications Obsolete RFCs